package com.pl.config.security.oauth2;

import javax.sql.DataSource;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.oauth2.config.annotation.configurers.ClientDetailsServiceConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configuration.AuthorizationServerConfigurerAdapter;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableAuthorizationServer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerEndpointsConfigurer;
import org.springframework.security.oauth2.config.annotation.web.configurers.AuthorizationServerSecurityConfigurer;
import org.springframework.security.oauth2.provider.code.AuthorizationCodeServices;
import org.springframework.security.oauth2.provider.code.JdbcAuthorizationCodeServices;
import org.springframework.security.oauth2.provider.token.DefaultTokenServices;
import org.springframework.security.oauth2.provider.token.TokenStore;
import org.springframework.security.oauth2.provider.token.store.JdbcTokenStore;

@Configuration
@EnableAuthorizationServer
public class AuthorizationServerConfig extends AuthorizationServerConfigurerAdapter{
	
	@Autowired
	private DataSource dataSource;
	
	@Autowired
	private MyUserApprovalHandler myUserApprovalHandler;
	
	@Bean
    public TokenStore tokenStore() {
        return new JdbcTokenStore(dataSource);
    }
	
	@Bean  
	public AuthorizationCodeServices authorizationCodeServices() {  
        return new JdbcAuthorizationCodeServices(dataSource);  
    }
	
	@Override
    public void configure(AuthorizationServerSecurityConfigurer security) throws Exception {
        super.configure(security);
    }

    @Override
    public void configure(ClientDetailsServiceConfigurer clients) throws Exception {
//    	clients.inMemory()
//		        .withClient("UserServer")
//		        .secret("$2a$10$xTALIXLhmQ8URDGxOsFzXOFKkwJbw04aCa5WK7Lz3zv.lYfQHwCCW")  //123456
//		        .authorizedGrantTypes("authorization_code", "refresh_token")
//		        .scopes("all")
//		        .redirectUris("http://localhost:9997/UserServer/login/oauth2/code/callback");
    	
    	clients.jdbc(dataSource);
    }

    @Override
    public void configure(AuthorizationServerEndpointsConfigurer endpoints) throws Exception {
    	//super.configure(endpoints);

    	endpoints.tokenStore(tokenStore());
    	//endpoints.approvalStoreDisabled();
    	endpoints.userApprovalHandler(myUserApprovalHandler);
    	endpoints.authorizationCodeServices(authorizationCodeServices());
    	
    	DefaultTokenServices tokenServices = new DefaultTokenServices();
    	tokenServices.setTokenStore(endpoints.getTokenStore());
        tokenServices.setSupportRefreshToken(true);  
        tokenServices.setReuseRefreshToken(false);   //RefreshToken不重用，也刷新
        tokenServices.setClientDetailsService(endpoints.getClientDetailsService());
        tokenServices.setTokenEnhancer(endpoints.getTokenEnhancer());
        tokenServices.setAccessTokenValiditySeconds(60*60*10);			//token有效期设置10小时
        tokenServices.setRefreshTokenValiditySeconds(60*60*16);			//Refresh_token:16小时
        endpoints.tokenServices(tokenServices);  

    }
}
